Administrateur Système en Cybersécurité / System Administrator in Cybersecurity field (M/F)

ABOUT THE ROLE:

Reporting to the Alstom Project Cybersecurity delivery Manager, the role of the System Administrator in Cybersecurity field is to design and execute cybersecurity activities for projects and development programs.

Mastership of both french and english languages are prerequisites for this role.

Three types of missions are representative of the role:

• Deploy a Cybersecurity platform (CSP) on international metro and mainline projects (CyCSP) ;

• Contribute to project security conditions (CyMCS) ;

• Contribute to project architecture definitions (CyAD).

RESPONSIBILITIES :

Deployment of the CSP platform in projects (CyCSP)

• Adapt the cybersecurity products of the CSP platform to the cybersecurity requirements of projects (project-specific constraints, local regulations, imposed standards) ;

• Develop and document action plans to bring projects into compliance with the CSP platform ;

• Provide organizational and technical interfaces with other Alstom teams and subsystems ;

• Manage and monitor editors and suppliers of Cybersecurity services who work on projects. This can notably concern the piloting of Pentesting campaigns ;

• Specify, implement and test security modules that are not part of the CSP Platform ;

• In large projects, the CSP leader may have to coordinate actions with one or several System administration engineers. 

• Particularize the process for setting up projects in safety according to customer requirements ;

• Contribute to the training of Customers in the implementation of cybersecurity in Operations mode ;

• Develop and document operational conditioning action plans.

• Participate in the definition of the architecture and design principles of cybersecurity, in particular:

• Proposal of the technical solution to be implemented in accordance with the cybersecurity design guidelines. One of the main results is the identification of possible cybersecurity architectures ;

• Define and maintain a cybersecurity architecture with the identification of the zone, SAL level, MIRE target and cybersecurity functions ;

• Support the implementation of cybersecurity through an active contribution to the author-proofreader cycles of design documents.

• Minimum 5 years of experience in IT systems and networks administration ;
• You have experience in project management and a good knowledge of the V-cycle ;
• Ideally some cybersecurity or general hacking experience and knowledge ;

• You have konledge of the main standards and regulations, such as: ISO 2700X, 62443, NIST, NIS ;

• Knowledge of the security market and its main players;

• Knowledge of certain security solutions and areas, such as: BRP / DRP, GRC, IAM, DLP, PKI, SOC, IDS / IPS, SAP security, etc. ;

• Technical mastery of at least 2 of the following areas :

System and network architecture concepts and techniques, operating systems and associated programming languages.

Knowledge of the main systems security assessment techniques

Knowledge of tools such as Wireshark, Nmap, OpenVAS, Nexpose, Metasploit, Nessus, BURP

Encryption issues and tools (for example, Truecrypt, Openssl)

Low level filtering (firewall owners, Iptables, OpenVPN)

Penetration testing techniques.

• Knowledge or experience of on-board or industrial systems (rail / aeronautics…) is an asset ;

• Dynamic, autonomous. Creativity and ability to work in a complex environment. Good writing skills.

•  English and French languages are prerequesites.